[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Ethereal(v0.10.0-0.10.2) IGAP Dissector Message Overflow Exploit

To: Lan Guy <rlanguy@xxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Ethereal(v0.10.0-0.10.2) IGAP Dissector Message Overflow Exploit
From: Joerg Mayer <jmayer@xxxxxxxxx>
Date: Sun, 28 Mar 2004 16:44:31 +0200

On Sun, Mar 28, 2004 at 03:43:33PM +0200, Lan Guy wrote:
> is ethereal ver 0.10.3 released 25th March 2004 still vulnerable?

No, it isn't. Please have a look at the Ethereal 0.10.3 release notes.
They state that the bug has been fixed (plus about a dozen more). Or, if
you do not want to believe them, check the source (cvs diff).

 Ciao
   Joerg

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Ethereal(v0.10.0-0.10.2) IGAP Dissector Message Overflow Exploit
  - From: Eye on Security India
- Re: [Full-Disclosure] Ethereal(v0.10.0-0.10.2) IGAP Dissector Message Overflow Exploit
  - From: Lan Guy

Prev by Date: Re: [Full-Disclosure] :-)
Next by Date: Re: [Full-Disclosure] mirc 6.14
Previous by thread: Re: [Full-Disclosure] Ethereal (v0.10.0-0.10.2) IGAP Dissector Message Overflow Exploit
Next by thread: [Full-Disclosure] iss_pam1.dll remote exploits
Index(es):
- Date
- Thread